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A game playing system includes a use permission tag pro- 
vided for use in a game disk for a user of a game, a disk drive, 
and a reproduction device for reproducing the game. The disk 
drive reads out a disk ID from the game disk. When the game 
is to be played, the reproduction device conveys the disk ID 
and a player ID to the use permission tag. The use permission 
tag stores the terms of use of the game and determines 
whether a combination of the disk ID and the player ID 
conveyed from the reproduction device fulfills the terms of 
use or not. 
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ELECTRONIC CONTENT PROCESSING 
SYSTEM, ELECTRONIC CONTENT 

PROCESSING METHOD, PACKAGE OF 
ELECTRONIC CONTENT, AND USE 
PERMISSION APPARATUS 

BACKGROUND OF THE INVENTION 
[0001] 1 . Field of the Invention 

[0002] The present invention relates to a data processing 
technology, and more particularly to a technology for repro- 
ducing electronic content stored in a recording medium. 
[0003] 2. Description of the Related Art 
[0004] Recent years have seen widespread use of terminal 
apparatuses, each provided with a drive for reading data from 
a recording medium, which processes electronic content 
stored in the recording media. The terminal apparatus, which 
is a game device, for instance, reads out a game application 
(hereinafter referred to as "game AP" also) recorded optically 
or magnetically in a recording medium such as DVD. 
[0005] A technology of digital rights management (DRM) 
is introduced to prevent the electronic content from being 
used unlimitedly. 

[0006] Typically, DRM is a technology for the prevention 
of the unlimited copy of electronic content. To this end, the 
inventor recognized that there are cases where it is difficult to 
suitably restrict the use of electronic content, stored in the 
recording medium like DVD and commercially traded, 
according to the attributes of use entities of the electronic 
content. 

SUMMARY OF THE INVENTION 

[0007] The present invention has been made in view of the 
aforementioned problems, and the main purpose thereof is to 
provide a technology for restricting the use of electronic 
content store in a recording medium according to the use 
entities of the electronic content. 

[0008] Inorderto resolve the above-described problems, an 
electronic content processing system according to one 
embodiment of the present invention includes: a use permis- 
sion apparatus provided for use in a recording medium that 
stores electronic content for a user of the electronic content; a 
medium drive configured to read the electronic content from 
the recording medium; and a reproduction device configured 
to reproduce the electronic content read by the medium drive. 
The medium drive has a security management unit configured 
to read from the recording medium an article ID that is an ID 
of the electronic content or the recording medium. The repro- 
duction device has a security management unit configured to 
convey a reproduction entity ID, which is a reproduction 
device ID or a user ID, together with the article ID read by the 
medium drive to the use permission apparatus when the elec- 
tronic content is to be reproduced. The use permission appa- 
ratus includes: a use condition storage for storing a use con- 
dition that defines an attribute of an entity accessible to the 
electronic content; and a determining unit for determining 
whether or not a combination of the article ID and the repro- 
duction entity ID conveyed from the reproduction device 
fulfills the use condition. The security management unit of the 
reproduction device determines a reproduction mode of the 
electronic content based on a decision result as to whether or 
not the combination thereof fulfills the use condition. 
[0009] Another embodiment of the present invention 
relates also to an electronic content processing system. The 



electronic content processing system includes: a use permis- 
sion apparatus provided for use in a recording medium that 
stores electronic content for a user of the electronic content; 
and a reproduction device configured to reproduce the elec- 
tronic content stored in the recording medium. The reproduc- 
tion device has a security management unit configured to 
convey a reproduction entity ID, which is a reproduction 
device ID or a user ID, when the electronic content is to be 
reproduced. The use permission apparatus includes: a use 
condition storage for storing a use condition that defines an 
attribute of an entity accessible to the electronic content; and 
a determining unit for determining whether or not the repro- 
duction ID conveyed from the reproduction device fulfills the 
use condition. The security management unit of the reproduc- 
tion device determines a reproduction mode of the electronic 
content based on a decision result as to whether or not the 
reproduction entity ID fulfills the use condition. 

[0010] Still another embodiment of the present invention 
relates to a use permission apparatus. The user permission 
apparatus is an apparatus provided for use in a recording 
medium that stores electronic content for a use of electronic 
content, and the use permission apparatus includes: a use 
condition storage configured to store a use condition that 
defines an attribute of an entity accessible to the electronic 
content; a receiving unit configured to receive an ID of a 
reproduction entity ID, which is a reproduction device ID or 
a user ID, from the reproduction device that reproduces the 
electronic content stored in the recording medium; a deter- 
mining unit configured to determine whether the reproduc- 
tion entity ID conveyed from the reproduction device fulfills 
the use condition or not; and a conveying unit configured to 
convey a decision result, regarding whether the reproduction 
entity ID fulfills the use condition or not, to the reproduction 
device. 

[0011] Still another embodiment of the present invention 
relates to an electronic content processing method. The 
method includes: conveying a reproduction entity ID, which 
is a reproduction device ID or a user ID, from a reproduction 
device, which is to reproduce electronic content stored in a 
recording medium, to a use permission apparatus provided 
for use in the recording medium for a user of the electronic 
content; determining whether the reproduction entity ID con- 
veyed from the reproduction device fulfills a use condition or 
not, wherein the determining is performed by the user per- 
mission apparatus that references a use condition that defines 
an attribute of an entity accessible to the electronic content 
stored in a predetermined storage area; and determining a 
reproduction mode of the electronic content according to a 
decision result regarding whether the reproduction entity ID 
fulfills the use condition or not. 

[0012] Still another embodiment of the present invention 
relates to a package of electronic content available in a com- 
mercial transaction. The package of electronic content 
includes and is supplied with: a recording medium storing the 
electronic content; a use permission apparatus configured to 
store a use condition of the electronic content and configured 
to determine whether the use condition is fulfilled or not, 
when an instruction is given to reproduce the electronic con- 
tent from an external reproduction device. 

[0013] Optional combinations of the aforementioned con- 
stituting elements, and implementations of the invention in 
the form of apparatuses, methods, systems, computer pro- 
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grams, recording media that store the programs, and so forth 
may also be effective as additional modes of the present 
invention. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0014] Embodiments will now be described by way of 
examples only, with reference to the accompanying drawings 
which are meant to be exemplary, not limiting, and wherein 
like elements are numbered alike in several Figures in which: 
[0015] FIG. 1 illustrates a structure of a game playing sys- 
tem according to an embodiment. 

[0016] FIG. 2 is a block diagram showing a functional 
structure of a disk shown in FIG. 1. 

[0017] FIG. 3 is a block diagram showing a functional 
structure of a reproduction device shown in FIG. 1. 
[0018] FIG. 4 is a block diagram showing a functional 
structure of a use permission tag shown in FIG. 1. 
[0019] FIG. 5 is a diagram showing a structure of a legiti- 
mate use information table. 

[0020] FIG. 6 is a diagram showing a structure of a tempo- 
rary use information table. 

[0021] FIG. 7 is a flowchart showing an operation of a game 
playing system. 

[0022] FIG. 8 is a flowchart showing in detail a use permit/ 
reject decision processing of Step S20 of FIG. 7 that deter- 
mines whether use is to be permitted or rejected. 
[0023] FIG. 9 is a flowchart showing in detail an initial use 
processing of Step S36 of FIG. 8. 

[0024] FIG. 10 is a flowchart showing in detail a legitimate 

use processing of Step S40 of FIG. 8. 

[0025] FIG. 11 is a flowchart showing in detail a temporary 

use processing of Step S42 of FIG. 8. 

[0026] FIG. 12 is a flowchart showing in detail a game start 

processing of Step S24 of FIG. 7. 

DETAILED DESCRIPTION OF THE INVENTION 

[0027] The invention will now be described by reference to 
the preferred embodiments. This does not intend to limit the 
scope of the present invention, but to exemplify the invention. 
[0028] The development of electronic content including 
game applications (APs) is costly and therefore in a content 
business it is vital to redistribute part of proceeds from sales 
of the electronic content to the developers. On the other hand, 
the electronic content is being bought and sold in second- 
hand markets. In such a scheme where the electronic content 
is bought and sold in the second-hand markets or the like, the 
sales proceeds resulting therefrom are not redistributed to the 
developers. Also, since the users who have purchased the 
second-hand items are somehow no longer potential buyers of 
the content, the developers would lose their profits otherwise 
gained in the first place. 

[0029] As a technique to suppress the second-hand sales 
and purchase, a user may be first required to send a password 
or the like to a remote authentication server from a reproduc- 
tion device (game player) via the Internet and the reproduc- 
tion of content may be permitted only for the device that has 
succeeded in authentication. However, where the reproduc- 
tion device is not connected to the Internet, use of the content 
cannot be controlled. Also, where the connection to the Inter- 
net is an absolute requirement, user's convenience may be 
significantly reduced. Besides, users may communicate to 
share the password between them and therefore the second- 
hand sales and purchase cannot be eliminated reliably. 



[0030] In view of the foregoing problems described above, 
according to the present embodiment, a recording medium 
and a radiofrequency (RF) tag storing the terms of use (use 
condition) are included in the same packet (package) of elec- 
tronic content. Proposed is an electronic content processing 
system where a usage mode of the electronic content is deter- 
mined based on whether a reproduction entity, such as a 
reproduction device or user of the electronic content fulfills 
the use condition or not. 

[0031] More specifically, a reproduction device (player), 
which is to reproduce (play) electronic content, conveys 
unique information, which can uniquely identify the repro- 
duction device from among a large number of reproduction 
devices, to a use permission tag. The RF tag verifies the 
unique information against the use condition and conveys this 
verification result to the reproduction device. In the present 
embodiment, one of "permission information", "temporary 
permission information", and "rejection information" is con- 
veyed as the verification result. Here, the "permission infor- 
mation" indicates that the use of electronic content is permit- 
ted, the "temporary permission information" indicates that 
the use thereof is temporarily permitted, and the "rejection 
information" indicates that the use thereof is denied. The 
reproduction device executes the reproduction of electronic 
content or rejects it according to the type of information 
conveyed from the use permission tag. 
[0032] According to the present embodiment, realized is 
the electronic content processing system that reliably restricts 
the use of electronic content dealt in the second-hand mar- 
kets. As a result, the dealing of electronic content in the 
second-hand markets is suppressed, which in turn supports 
the redistribution of part of proceeds from sales of the elec- 
tronic content to the developers. Though in the following 
description a game application (AP) is exemplified as the 
electronic content, the present embodiment is similarly appli- 
cable to various kinds of electronic content such as an office 
suite, images, and music content. 

[0033] FIG. 1 illustrates a structure of a game playing sys- 
tem 1000 according to an embodiment. A game device 100 is 
a stationary game device, and the game device 100 includes a 
disk drive 110, a storage 120, and a reproduction device 130 
connected to the disk driven 110 and the storage 120. A game 
packages 200 is a product package distributed in the commer- 
cial transactions, and the game package 100 is supplied with 
a game disk 210 and a use permission tag 220. In other words, 
the game disk 210 and the use permission tag 220 are com- 
mercially released and transacted as a set and are also distrib- 
uted integrally as an inseparable set, that is, are distributed as 
a bundle. 

[0034] The game disk 210 is an optical disk medium that 
stores various types of data used to execute a game. Recorded 
in the game disk 210 are a disk ID that is an ID, unique to the 
game disk 210, which can uniquely identify the game disk 
210 from among a plurality of game disks, a content key that 
is key data used for encryption, and an encrypted AP that is 
data where the game AP has been encrypted with the content 
key. When the reproduction device of the game AP is to be 
restricted, in the present embodiment the data indicating 
accordingly is set in a predetermined field of the disk ID. For 
example, a specific bit of the disk ID may be set to "1". 
[0035] The disk drive 110 is an optical drive that reads 
various types of data from the game disk 210, and sends the 
data read from the game disk 210 to the reproduction device 
130. The detailed structure of the disk drive 110 will be 
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discussed later. The storage 120 is a hard disk drive that stores 
data that the reproduction device 130 is to store in a non- 
volatile manner. 

[0036] The use permission tag 220 is an RF tag that wire- 
lessly communicates with the reproduction device 130 and 
may be a non-contact IC card, for instance. The use permis- 
sion tag 220 determines whether use of game AP is permitted 
or not, based on the information received from the reproduc- 
tion device 130, and conveys its decision result to the repro- 
duction device 130. Here, the decision result is information 
on permission, temporary permission, or rejection. The 
detailed structure of the use permission tag 220 will be dis- 
cussed later. 

[0037] The reproduction device 130 is an information pro- 
cessing apparatus that reproduces game content by acquiring 
a game AP from the disk drive 110 and then performing the 
information processing according to the game AP. Also, the 
reproduction device 130 may be said to be a game console that 
controls games. The reproduction device 130 controls a game 
based on a user's operation on the controller 300 and displays 
a game screen on a display 400. The detailed structure of the 
reproduction device will be described later. 
[0038] Though the game device 100 is shown in FIG. 1 as 
the stationary game device, the game device 100 may be a 
portable game device and, in such a case, the controller 300 
and the display 400 may be formed integrally with the game 
device 100. Also, the game 100 may be a general-purpose 
personal computer (PC). 

[0039] The details concerning each component shown in 
FIG. 1 will be explained using the block diagrams . Each block 
shown in the block diagrams of the present patent specifica- 
tion may be achieved hardwarewise by elements, electronic 
circuits and mechanical devices such as a CPU (MPU), 
memory, HDD and the like of a computer, and softwarewise 
by computer programs and the like. Depicted in the block 
diagrams are functional blocks implemented by cooperation 
of hardware and software. Therefore, it will be obvious to 
those skilled in the art that the functional blocks may be 
implemented by a variety of manners. For example, in the 
reproduction device 130, software modules corresponding to 
the respective functional blocks may be executed by a gen- 
eral-purpose microprocessor. Also, in the disk drive 110 or 
the use permission tag 220, software modules corresponding 
to the respective functional blocks may be executed by a 
dedicated microcontroller. 

[0040] FIG. 2 is a block diagram showing a functional 
structure of the disk drive 110 of FIG. 1. The disk drive 110 
includes a disk access unit 112, a disk transmit/receive unit 
114, and a security management unit 116. The security man- 
agement unit 116 includes an authentication control unit 118. 
[0041] The disk access unit 112 reads out various types of 
data stored in the game disk 210. The data transmit/receive 
unit 114 sends various types of data to the reproduction device 
130 and receives various types of data from the reproduction 
device 130. 

[0042] When the security management unit 116 receives 
acquisition requests for a disk ID, a content key and an 
encrypted AP from the reproduction device 130, the security 
management unit 116 supplies the disk ID, the content key 
and the encrypted AP stored in the game disk, respectively, to 
the reproduction device 130. 

[0043] When the temporary permission information sup- 
plied from the use permission tag 220 is received via the 
reproduction device 130, the security management unit 116 



determines if the temporary permission information is legiti- 
mate (e.g., if the temporary permission information agrees 
with a predetermined data format). If the temporary permis- 
sion information is legitimate, the content key stored in the 
game disk 210 will be supplied to the reproduction device 
130. This temporary information will not be saved perma- 
nently (in a non-volatile manner) in the disk drive 110. The 
authentication control unit 118 controls a communication 
session for the security management unit 144 of the repro- 
duction device 130 (described later) and a communication 
session for the security management unit 226 of the use 
permission tag 220 (described later). The detail of the authen- 
tication control unit 118 will be discussed later. 
[0044] FIG. 3 is a block diagram showing a functional 
structure of the reproduction device 130 of FIG. 1 . The repro- 
duction device 130 includes an RF reader/writer (hereinafter 
referred to as "RFRW") 132, a drive interface (IF) 134, a 
storage IF 136, an operation detector 138, a reproduction 
execution unit 140, a display control unit 142, and a security 
management unit 144. The security management unit 144 
includes an authentication control unit 146, a decision pro- 
cessing unit 148, a decryption processing unit 150. 
[0045] The RFRW 132, which wirelessly communicates 
with the use permission tag 220 via a not-shown antenna, 
transmits the data received from the security management 
unit 144 to the use permission tag 220 and sends out the data 
received from the use permission tag 220 to the security 
management unit 144. 

[0046] The drive IF 134, which provides a function of inter- 
facing with the disk drive 110, sends various types of data to 
the disk drive 110 and receives various types of data from the 
disk drive 110. The storage IF 136, which provides a function 
of interfacing with the storage 120, has various types of data 
stored in the storage 120 and reads out various types of data 
stored in the storage 120. 

[0047] The operation detector 138 detects a user's opera- 
tion on the controller 300 and conveys its operation input to 
each functional block. The reproduction execution unit 140 
reproduces game content according to a game AP. More spe- 
cifically, as the start of a game is permitted by the security 
management unit 144, the data of the game AP decrypted by 
the security management unit 144 is acquired as needed and 
executed. Then, image data to be displayed by the display 400 
is sent to the display control unit 142 as appropriate. The 
display control unit 142 controls the displaying of a game 
screen on the display 400; for example, the display control 
unit 142 sends the data, on the screen sent from the reproduc- 
tion execution unit 140, to the display 400 so as to be dis- 
played thereon. 

[0048] The authentication control unit 146 controls a com- 
munication session for the security management unit 116 of 
the disk drive 110 and a communication session for the secu- 
rity management unit 226 of the use permission tag 220 
(described later). The detail of the authentication control unit 
146 will be discussed later. 

[0049] As an instruction to start the game is received in the 
operation detector 138, the decision processing unit 148 
sends an acquisition request for a disk ID to the disk drive 110 
and acquires the disk ID. If the data indicating that the repro- 
duction device of game AP is restricted is not set in a prede- 
termined field of the disk ID, the decision processing unit 148 
will convey an instruction to permit the start of the game to the 
reproduction execution unit 140 and the decryption process- 
ing unit 150. 
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[0050] If the data indicating that the reproduction device of 
game AP is restricted is set in the predetermined field of the 
disk ID, the decision processing unit 148 will reference the 
storage 120 and thereby check to see if the permission infor- 
mation has already been stored. As will be discussed later, the 
permission information is decrypted with a secret key of the 
reproduction device 130 and is stored in the storage 120. 
Thus, the decision processing unit 148 decrypts the encrypted 
data using the secret key of the reproduction device 130 and 
then determines whether the content of the permission infor- 
mation stored is legitimate or not (e.g., whether it agrees with 
a predetermined data format). 

[0051] If the legitimate permission information has already 
been stored in the storage 120, the decision processing unit 
148 will display a screen, by which to have the user select 
whether the checking of authorization using the use permis- 
sion tag 220 is to be skipped or not, on the display 400 via the 
display control unit 142. If the user selects to skip the check- 
ing of authorization using the use permission tag 220, the 
decision processing unit 148 will convey an instruction to 
permit the start of the game to the reproduction execution unit 
140 and the decryption processing unit 150. 

[0052] If the legitimate permission information is not 
stored in the storage 120 or if the user selects to check autho- 
rization using the use permission tag 220, the decision pro- 
cessing unit 148 will display a screen, by which to prompt the 
user to bring the use permission tag 220 close to the RFRW 
132, on the display 400. On this screen, messages like "pass 
the use permission tag over the RF reader/writer" will be 
displayed. When the RFRW 132 detects that the use permis- 
sion tag 220 has approached the RFRW 132, the decision 
processing unit 148 conveys information on the request for 
reproduction to the user permission tag 220 via the RFRW 
132. In this reproduction request information, the disk ID and 
an ID, unique to the reproduction device 130, which can 
uniquely identify the reproduction device 130 (hereinafter 
referred to as "reproduction device ID" also) are set such that 
the disk ID and the reproduction device ID are associated with 
each other. Examples of the reproduction ID include a manu- 
facturer' s serial number of the reproduction device and a 
medium access control (MAC) address. 

[0053] If the permission information is conveyed from the 
use permission tag 220 as a response to the notification of the 
reproduction request information, the decision processing 
unit 148 will store the use permission information in the 
storage 120 and, at the same time, convey an instruction to 
permit the start of the game to the reproduction execution unit 
140 and the decryption processing unit 150. When the use 
permission information is to be stored in the storage 120, the 
decision processing unit 140 encrypts the permission infor- 
mation using a secret key that has been determined before- 
hand in the reproduction device 130, and stores the encrypted 
data in the storage 120. It is desired that the secret key is set 
during a manufacturing process, for instance, and therefore it 
is concealed to the user. 

[0054] Ifthe rejection information is conveyed from the use 
permission tag 220 as a response to the notification of the 
reproduction request information, the decision processing 
unit 148 will display a screen, indicating that it is unable to 
start the game (i.e., indicating to reject the start of the game), 
on the display 400. On this screen, for example, messages or 
any indication indicating that the use permission tag 220 does 
not comply with the game disk 210 may be displayed or those 



indicating that the number of temporary uses exceeds the 
maximum allowable number may be displayed. 
[0055] If the start of the game is granted by the decision 
processing unit 148, the decryption processing unit 150 will 
send an acquisition request for a content key to the disk drive 
110 and acquire the content key. As the acquisition request for 
game AP is received from the reproduction execution unit 
140, the decryption processing unit 150 acquires the 
encrypted AP from the disk drive 110. Then, the encrypted AP 
is decrypted using the content key and the resulting game AP 
is sent to the reproduction execution unit 140, thereby execut- 
ing the reproduction processing of the game. As described 
above, if the temporary permission information is conveyed 
to the disk drive 110 from the use permission tag 220, a 
content key will be supplied from the security management 
unit 116 of the disk drive 110 and then the decryption pro- 
cessing unit 150 will acquire the content key. 
[0056] FIG. 4 is a block diagram showing a functional 
structure of the use permission tag 220 shown in FIG. 1. The 
use permission tag 220 includes a use condition storage 222, 
an RF communication unit 224, and a security management 
unit 226. The security management unit 226 performs a pro- 
cess of determining whether the use of game AP is permitted 
or rejected (use permit/reject decision processing). The secu- 
rity management unit 226 includes a authentication control 
unit 228 and a decision processing unit 230. 
[0057] The use condition storage 222 is an electrically eras- 
able and programmable read-only memory (EEPROM) 
where an attribute of a reproduction device having the right of 
usage of the game AP, namely the right of reproduction of the 
game AP, is stored as the use condition. Also, the use condi- 
tion storage 222 is a secure data storage area where accesses 
from other than the security management unit 226 is blocked. 
Stored in the use condition storage 222 is a legitimate use 
information table that stores information on reproduction 
devices having legitimate right of usage of the game AP 
(hereinafter referred to as "legitimate use device" also). Fur- 
ther stored in the use condition storage 222 is a temporary use 
information table that stores reproduction devices having 
temporary right of usage of the game AP (hereinafter referred 
to as "temporary use device" also). 

[0058] FIG. 5 is a diagram showing a structure of a legiti- 
mate use information table. In the legitimate use information 
table, the disk ID of the game disk 210 and the ID of the 
reproduction device 130 as a legitimate use device are stored 
such that they are associated with each other. The disk ID in 
the legitimate use information table is such that the disk ID of 
a game disk 210 included in the game package 200 (in the 
same game package) is predetermined when the game pack- 
ages is shipped from a factory. On the other hand, a legitimate 
use device ID is not yet set at the time when the game package 
200 is shipped from a factory and will be set through an initial 
use permit/reject processing. 

[0059] FIG. 6 is a diagram showing a structure of a tempo- 
rary use information table. In the temporary information 
table, the disk ID of the game AP and the ID of the reproduc- 
tion device 130 as a temporary use device are stored in asso- 
ciation with the number of times for which the temporary use 
is permitted. The record of the temporary use information 
table is typically not set at the time of shipment from a factory, 
and will be set as needed in a use permit/reject processing 
done from the second time onwards. 

[0060] Referring back to FIG. 4, the RF communication 
unit 224 wirelessly communicates with the reproduction 
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device 130 via a not-shown antenna. And the RF communi- 
cation unit 224 sends data received from the security man- 
agement unit 226 to the reproduction device 130 and sends 
data received from the reproduction device 130 to the security 
management unit 226. The authentication control unit 228 
controls a communication session for the security manage- 
ment unit 116 of the disk drive 110 and controls a communi- 
cation session for the security management unit 144 of the 
reproduction device 130. The detail of the authentication 
control unit 228 will be discussed later. 
[0061] As the decision processing unit 230 receives the 
reproduction request information, which is a combination of 
the disk ID and the reproduction device ID, from the repro- 
duction device 130, the decision processing unit 230 refer- 
ences the use condition storage 22 and thereby determines 
whether use of the game AP is permitted or not. More spe- 
cifically, the reproduction request information is checked 
against the information of the legitimate use information 
table and both whether the disk ID is legitimate or not and 
whether the reproduction device ID has the legitimate right of 
reproduction of the game AP or not are determined, thereby 
determining whether execution of the game AP is permitted 
or not. 

[0062] Even though the reproduction device 130 does not 
have the legitimate right of usage of the game AP, namely the 
right of reproduction of the game AP, the decision processing 
unit 230 permits the reproduction device 130 to temporarily 
reproduce the game AP for a predetermined period of time. In 
the present embodiment, a temporary use is permitted to the 
reproduction device 130, which does not have the legitimate 
right of usage, on the condition that the number of temporary 
uses is within a predetermined maximum allowable number 
(e.g., five times). If, however, the reproduction device ID 
having a legitimate reproduction right of usage is received 
after the temporary use has been permitted, the number of 
temporary uses will be reset. Thus, the temporary use beyond 
the maximum allowable number initially set is possible. In a 
modification to the present embodiment, the period of time 
during which the temporary use is permitted may be the 
number of hours or the number of days, such as 24 hours or 5 
days, instead of the number of times. 

[0063] The decision processing unit 230 also conveys the 
permission information or rejection information to the repro- 
duction device 130 as a result of the use permit/reject decision 
processing or conveys the temporary permission information 
to the disk drive 110 as a result of the use permit/reject 
decision processing. The detail of use permit/reject decision 
processing of the decision processing unit 230 will be 
described later. 

[0064] When data is to be transmitted and received between 
the security management unit 116 of the disk drive 110 and 
the security management unit 144 of the reproduction device 
130, a communication session is established between the 
authentication control unit 118 of the security management 
unit 116 and the authentication control unit 146 of the security 
management unit 144. Then a session key, which is deter- 
mined uniquely in the communication session, is acquired. 
Here, the session key takes a different value for each commu- 
nication session. 

[0065] More specifically, the authentication control unit 
146 of the security management unit 144 conveys the identity 
information on the reproduction device 130 (e.g., a hash value 
of the device ID) to the security management unit 116. The 
authentication control unit 118 of the security management 



unit 116 determines whether the thus conveyed identity infor- 
mation on the reproduction device 130 agrees with the iden- 
tity information on a legitimate reproduction device stored 
beforehand or not. For example, whether the hash value based 
on the device ID of the legitimate reproduction device stored 
beforehand agrees with the hash value conveyed from the 
reproduction device 130 or not may be determined. At the 
same time, the authentication control unit 118 of the security 
management unit 116 conveys the identity information on the 
disk drive 110 (e.g., a hash value of the device ID) to the 
security management unit 144. The authentication control 
unit 146 of the security management unit 144 determines 
whether the thus conveyed identity information on the disk 
drive 110 agrees with the identity information on a legitimate 
disk drive stored beforehand or not. For example, whether the 
hash value based on the device ID of the legitimate disk drive 
stored beforehand agrees with the hash value conveyed from 
the disk drive 110 or not may be determined. In this manner, 
the mutual authentication processes of determining whether a 
transmission destination is a legitimate device or not are 
performed at both the reproduction device 130 and the disk 
drive 110. If the mutual authentication processes are success- 
ful, at least either one of the authentication control unit 146 of 
the security management unit 144 and the authentication 
control unit 118 of the security management unit 116 will 
issue a session key and then the identical session key will be 
stored in both of them. 

[0066] The authentication control unit 118 of the security 
management unit 116 encrypts data, which is to be sent from 
the disk drive 110 to the reproduction device 130, more spe- 
cifically the data being a disk ID and/or a content key, using 
the session key and then transmits the encrypted data to the 
reproduction device 130. The authentication control unit 146 
of the security management unit 144 decrypts the encrypted 
data sent from the disk drive 110, using the session key and 
then acquires the disk ID and/or content key. 

[0067] Similarly, when data is to be transmitted and 
received between the security management unit 144 of the 
reproduction device 130 and the security management unit 
226 of the use permission tag 220, a communication session 
is established between the authentication control unit 146 of 
the security management unit 144 and the authentication 
control unit 228 of the security management unit 226. Simi- 
larly to the above, the authentication control unit 146 of the 
security management unit 144 and the authentication control 
unit 228 of the security management unit 226 mutually 
authenticate that a transmission destination is a legitimate 
device; then they acquire and share a unique session key on 
the condition that the mutual authentication processes have 
been successful. The authentication control unit 146 of the 
security management unit 144 encrypts the reproduction 
request information, using the session key and then transmits 
the encrypted reproduction request information to the use 
permission tag 220. The authentication control unit 228 of the 
security management unit 226 decrypts the encrypted data, 
using the session key and then acquires the reproduction 
request information. The authentication control unit 228 of 
the security management unit 226 encrypts a result of the use 
permit/reject decision processing, namely the permission 
information or rejection information, using the session key 
and then transmits the encrypted result thereof to the repro- 
duction device 130. The authentication control unit 146 of the 
security management unit 144 decrypts the encrypted data, 
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using the session key and then acquires the result of the use 
permit/reject decision processing. 

[0068] Similarly, when data is to be transmitted and 
received between the security management unit 226 of the use 
permission tag 220 and the security management unit 116 of 
the disk drive 110, a communication session is established 
between the authentication control unit 228 of the security 
management unit 226 and the authentication control unit 118 
of the security management unit 116. Similarly to the above, 
the security management unit 226 of the use permission tag 
220 and the security management unit 116 of the disk drive 
110 mutually authenticate that a transmission destination is a 
legitimate device; then they acquire and share a unique ses- 
sion key on the condition that the mutual authentication pro- 
cesses have been successful. The communication session is a 
logical communication channel. As a physical communica- 
tion channel, the communication session may include the 
following communication paths, for instance, ( 1 ) between the 
authentication control unit 118 and the data transmit/receive 
unit 114, (2) between the data transmit/receive unit 114 and 
the drive IF 134, (3) between the drive IF 134 and the RFRW 
132, (4) between the RFRW 132 and the RF communication 
unit 224, and (5) between the RF communication unit 224 and 
the authentication control unit 228. The authentication con- 
trol unit 228 of the security management unit 226 encrypts the 
temporary permission information with the session key, and 
transmits the encrypted data to the disk drive 110 via the 
reproduction device 130. The authentication control unit 118 
of the security management unit 116 decrypts the encrypted 
data with the session key and then acquires the temporary 
permission information. 

[0069] An operation implementing the above-described 
structure is as follows. FIG. 7 is a flowchart showing an 
operation of the game playing system 1000. In the flowcharts 
of the patent specification of the present invention, the pro- 
cedure of each structural component is shown using S (the 
capital letter of "Step"), which means a step, and numbers 
combined. If a determining process is executed in a process- 
ing indicated by the combination of S and a number and if the 
decision result is positive, "Y" (the capital letter of "Yes") 
will be appended like "(Y of S10)". If, on the other hand, the 
decision result is negative, "N" (the capital letter of "No") 
will be appended like "(N of S10)". 

[0070] As an instruction to load the game disk 210 is 
detected by the operation detector 128 of the reproduction 
device 130 (Y of S10), the security management unit 116 of 
the disk drive 110 acquires a disk ID from the game disk 210 
and then conveys the acquired disk ID to the security man- 
agement unit 144 of the reproduction device 130 (S12). If the 
data indicating that the reproduction device is restricted is set 
in the disk ID (Y of S14), if the permission information is 
stored in the storage 120 (Y of S16), and if the user instructs 
not to use the permission information stored (N of S18), the 
security management unit 144 of the reproduction device 130 
will execute the use permit/reject decision processing in 
cooperation with the security management unit 226 of the use 
permission tag 220 (S20). If the permission information is not 
stored in the storage 120 (N of S16), Step S18 will be skipped. 
[0071] If the permission information or temporary permis- 
sion information is conveyed from the security management 
unit 226 of the use permission tag 220 as a result of the use 
permit/reject decision processing (Y of S22), a process of 
starting the game is executed (S24). The game is terminated 
as appropriate if a predetermined termination condition has 



been met, for example, if an exit operation by the user is 
detected after the execution of game AP has started. If the 
rejection information is conveyed from the security manage- 
ment unit 226 of the use permission tag 220 (N of S22), the 
security management unit 144 of the reproduction device 130 
will inform the user of rejection of the start of the game (S26). 
If the user instructs to use the permission information that has 
already been stored in the storage 120 (Y of S18), Steps S20 
and S22 will be skipped; if the data indicating that the repro- 
duction device is restricted is not set in the disk ID (N of S14), 
Steps S16 to S22 will be skipped. If an instruction to load the 
game disk 210 is not detected (N of S10), the subsequence 
processes will be skipped and the flow of FIG. 7 will be 
terminated. 

[0072] FIG. 8 is a flowchart showing in detail a use permit/ 
reject decision processing of Step S20 of FIG. 7 that deter- 
mines whether use is to be permitted or rej ected. The security 
management unit 144 of the reproduction device 130 conveys 
the reproduction request information including the disk ID 
and the reproduction device ID to the security management 
unit 226 of the use permission tag 220 (S30). If the disk ID in 
the reproduction request information does not match any of 
the disk IDs in the legitimate use information table (N of S32), 
the security management unit 226 of the use permission tag 
220 will convey the rejection information to the reproduction 
device 130 (S44). If the disk ID in the reproduction request 
information matches a disk ID in the legitimate use informa- 
tion table (Y of S32) and if a legitimate use device ID is not set 
in the legitimate use information table (N of S34), the security 
management unit 226 will execute an initial use processing 
(S36). If a legitimate use device ID has already been set in the 
legitimate use information table (Y of S34) and if the repro- 
duction device ID in the reproduction request information 
matches the legitimate use device ID (Y of S38), the security 
management unit 226 will execute a legitimate use processing 
(S40). If the reproduction device ID in the reproduction 
request information does not match the legitimate use device 
ID (N of S38), the security management unit 226 will execute 
a temporary use processing (S40). 

[0073] FIG. 9 is a flowchart showing in detail the initial use 
processing of Step S36 of FIG. 8. The security management 
unit 226 of the use permission tag 220 sets the reproduction 
ID of the reproduction request information in the legitimate 
use information table as a legitimate use device ID (S50). 
Then the permission information encrypted with the session 
key communicated with the reproduction device 130 is sup- 
plied to the reproduction device 130. (S52). 
[0074] FIG. 10 is a flowchart showing in detail the legiti- 
mate use processing of Step S40 of FIG. 8. If any record 
indicating a temporary use is in the temporary use informa- 
tion table (Y of S60), the security management unit 226 of the 
use permission tag 220 will reset the number of temporary 
uses for each record (S62). For example, the number of tem- 
porary uses for all the records in the temporary use informa- 
tion table may be initialized to "0" or all the records may be 
deleted. If no record is set in the temporary use information 
table (N of S60), Step S62 will be skipped. The security 
management unit 226 conveys the permission information to 
the reproduction device 130 (S64). 

[0075] FIG. 11 is a flowchart showing in detail the tempo- 
rary use processing of Step S42 of FIG. 8. The security 
management unit 226 of the use permission tag 220 updates 
the temporary information table based on the reproduction 
request information (S70). More specifically, if there is no 
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record associated with a combination of a disk ID and a 
reproduction device ID in the reproduction request informa- 
tion, a record where the reproduction device ID is set to the 
temporary use device ID and the number of temporary uses is 
set to "1" will be inserted, if there is a record associated with 
a combination of a disk ID and a reproduction device ID in the 
reproduction request information, the number of temporary 
uses for the record will be incremented. If the number of 
temporary uses after change is equal to or less than the maxi- 
mum allowable number (Y of S72), the security management 
unit 226 will directly authenticate whether the disk drive 110 
is a legitimate disk drive or not. If the authentication is suc- 
cessful (Y of S74), the security management unit 226 will 
supply the temporary permission information, encrypted with 
the session key communicated with the disk drive 110, to the 
disk drive 1 1 (S76). If the number of temporary uses after the 
change exceeds the maximum allowable number (N of S72) 
or if it is determined that the disk drive 110 is an improper or 
illegitimate drive (N of S74), the rejection information will be 
conveyed to the reproduction device 130 (S78). 
[0076] FIG. 12 is a flowchart showing in detail the game 
start processing of Step S24 of FIG. 7. If the use permit/reject 
decision processing of Step S20 of FIG. 7 is performed (N of 
S80) and the security management unit 144 of the reproduc- 
tion device 130 receives the permission information (N of 
S82), the security management unit 144 will store the permis- 
sion information in the storage 120 (S84). At the same time, 
the content key is obtained from the security management 
unit 116 of the disk drive 110 (S86). The security manage- 
ment unit 144 decrypts the encrypted game AP using the 
content key, and the reproduction execution unit 140 starts the 
processing of the game AP (S88). If the security management 
unit 116 of the disk drive 110 receives temporary permission 
information (Y of S82), the security management unit 116 
will supply the content key to the security management unit 
144 of the reproduction device 130 without permanently stor- 
ing the temporary permission information (S90). After that, 
the processing of Step S88 is carried out. If the use permit/ 
reject decision processing of Step S20 is skipped, namely, if 
the processing of N of S14 orY of S18 is effected (Y of S80), 
Steps S82 and S84 will be skipped and the processing of Step 
S86 will be performed. 

[0077] By employing the game playing system 1000 
according to the present embodiment, the use permission tag 
220 together with the game disk 210 is supplied to the user, 
and the use permission tag 220 actively determines the use 
permit/rejection of electronic content. Thereby, the use of 
game AP stored in the game disk 210 can be restricted as 
appropriate according to the attribute of a reproduction 
device. Consider, for example, a case where used is a game 
package 200 distributed in the second-hand market. Then the 
ID of reproduction device for the game disk 210 differs from 
the legitimate use device ID stored in the use permission tag 
220, so that the game disk can be reproduced in a mode which 
is predetermined for those bought and sold in the second- 
hand market. Also, for example, a content key may be sup- 
plied to the reproduction device 130 and the encrypted game 
AP may be decrypted using the content key only if the repro- 
duction device ID matches a legitimate use device ID. Hence, 
use of game APs bought and sold in the second-hand market 
can be eliminated. 

[0078] Also, according to the game playing system 1000, 
once the permission information is supplied to a reproduction 
device 130, the use permit/reject decision processing using 



the use permission tag 220 will be skipped. Thus, many steps 
that the user should otherwise have taken can be saved and 
therefore the user' s convenience can be improved. Also, since 
the permission information supplied to the reproduction 
device 130 is encrypted with a secret key of the reproduction 
device 130 and then stored. Thus, the encrypted data cannot 
be decrypted by other reproduction devices and therefore 
illegitimate use of the permission information can be pre- 
vented. 

[0079] Also, according to the game playing system 1000, 
whether the use permit/reject decision processing using the 
use permission tag 220 is required or not can be determined 
and set depending on the content of the disk ID of the game 
disk 210. Thus, game APs whose reproduction device is 
restricted and those whose reproduction device is not 
restricted may be mixed together in one game playing system 
1000. Hence, the use permit/reject decision processing using 
the use permission tag 220 may be carried out as needed. 
[0080] Also, according to the game playing system 1000, 
the data transmitted and received among the security man- 
agement unit 116 of the disk drive 110, the security manage- 
ment unit 144 of the reproduction device 130, and the security 
management unit 226 of the use permission tag 220 is 
encrypted using the session key. As a result, even though the 
data communicated between the security management units 
is illegally intercepted, it can be made extremely difficult to 
obtain information with which to protect the security from the 
intercepted data. Here, the information with which to protect 
the security from the intercepted data includes the disk ID, 
reproduction request information, permission information, 
temporary permission information, and content key, for 
instance. In other words, the illegitimate use of game APs can 
be prevented. 

[0081] Also, according to the game playing system 1000, 
even when the reproduction device ID does not match the 
legitimate use device ID, the temporary use of a game AP is 
permitted within a predetermined number of times. Thereby, 
a trial period may be set for the game AP, thus prompting the 
user to purchase the official version of the game AP. Also, the 
temporary permission information is not permanently stored 
in the game device 100, thereby preventing the illegitimate 
use of the temporary permission information supplied from 
the use permission tag 220 and the illegitimate use of the 
game AP. Should the temporary permission information be 
illegally obtained, the temporary permission information 
would be an encrypted with a unique session key determined 
though the communication session between the use permis- 
sion tag 220 and the disk drive 110. Thus, a person who has 
illegally acquired the temporary permission information is 
unable to decrypt the encrypted data of the temporary per- 
mission information, so that the illegitimate use of the tem- 
porary permission information can be prevented. Also, since 
the use permit/reject decision processing using the use per- 
mission tag 220 is required every time the game AP is used in 
the temporary use, the number of temporary uses can be 
reliably counted. 

[0082] Also, if a reproduction device ID matching the 
legitimate use device ID is informed, the use permission tag 
220 will reset the number of temporary uses. This allows the 
user having a plurality of game devices 1 00 to continue to use 
the game AP in the plurality of game devices. 
[0083] The present invention has been described based 
upon illustrative embodiments. The above-described 
embodiments are intended to be illustrative only and it will be 
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obvious to those skilled in the art that various modifications to 
the combination of constituting elements and processes could 
be developed and that such modifications are also within the 
scope of the present invention. Modifications will now be 
described below. 

[0084] A description is now given of a first modification. 
Though not particularly mentioned in the above-described 
embodiments, the game package 200 may be such that the 
period of time during which the game AP stored in the game 
disk 210 is reproducible is predetermined. The retail price of 
the game package 200 is set to a price lower than the retail 
price of a game package in which no limit is imposed on the 
number of times, and the retail price of the game package 200 
is set such that the shorter the reproducible period is, the lower 
the price will be. In such a case, the number of reproductions 
and the upper limit number of reproductions (maximum 
allowable number of reproductions) may be set in the legiti- 
mate use information table. The number of uses purchased by 
the user may be set, as the upper limit number of reproduc- 
tions, by a point-of-sales terminal at a store. Whenever the 
security management unit 226 of the use permission tag 220 
receives the reproduction request information from the legiti- 
mate use device, not only the disk ID and the reproduction 
device ID are checked but also the number of reproductions is 
incremented. And if the number of reproductions after the 
update is less than or equal to the maximum allowable num- 
ber of reproductions, the use permission information will be 
supplied. If the number of reproductions after the update 
exceeds the maximum allowable number of reproductions, 
the rejection information will be supplied. According to the 
first modification, the restrictions for electronic content 
stored in the recording medium can be implemented by arbi- 
trarily setting the number of reproductions. Also, the user is 
only required to pay for the service corresponding to the 
number of gameplays, so that the game package 200 that 
respond flexibly to a user's playing style can be provided. 
[0085] A description is given of a second modification. 
Though in the above-described embodiments the disk ID is 
the ID unique to the game disk 210, in the second modifica- 
tion the disk ID may be an ID, unique to each game title, 
which is uniquely determined for each game title. This second 
modification is similarly configured to the above-described 
embodiments, thus achieving the same advantageous effects 
as those thereof. 

[0086] A description is given of a third modification. 
Though in the above-described embodiments the ID of the 
reproduction device serving as a game AP is set in the repro- 
duction request information, in the third modification the ID 
of a user that is the entity that utilizes the game AP maybe set 
in the reproduction request information. The user ID may be 
a password but more desirable is an ID set based on informa- 
tion that is unique to the user and also difficult to be shared 
with the other users (e.g. biological information such as infor- 
mation on his/her fingerprint and/or iris). In this case, a bio- 
logical information acquiring device such as a fingerprint 
reading device may be mounted on the game device 100, and 
the security management unit 144 of the reproduction device 
130 may set the user ID using the biological information 
obtained by the biological information acquiring device. 
According to the third embodiment, when one person owns a 
plurality of game devices, all the game devices can be handled 
as legitimate use devices without regarding some of them as 
the temporary use devices. As a result, the use permit/rejec- 
tion decision processing carried out by the use permission tag 



220 can be skipped in all the game devices and therefore the 
user's convenience can be improved. 

[0087] A description is given of a fourth modification. In 
the above-described embodiments, the security management 
unit 226 of the use permission tag 220 determines whether the 
reproduction device ID agrees with the legitimate use device 
ID or not. In the fourth modification, whether an attribute of 
the reproduction entity indicated by the reproduction device 
ID matches a use condition or not may be determined. Here, 
the attribute of the reproduction entity indicated by the repro- 
duction device ID may be the product type of the reproduction 
device, the installation position of the reproduction device, 
the owner of the reproduction device or the like, for instance. 
For example, if the reproduction device ID indicates that it is 
installed in a specific company, the security management unit 
226 may determine that the use condition has been met. 
[0088] A description is given of a fifth modification. In the 
above-described embodiments, if the reproduction device ID 
and the legitimate use device ID do not match with each other, 
the reproduction of a game AP will be permitted within a 
predetermined number of times. In the fifth modification, if 
the temporary permission information is supplied from the 
use permission tag 220, only a part of the game AP may be 
reproduced by the reproduction device 130. Also, if the repro- 
duction device ID and the legitimate use device ID do not 
match with each other, the rejection information may be 
supplied regardless of the number of temporary uses and the 
reproduction of the game AP will be rejected. 
[0089] A description is given of a sixth modification. In the 
above-described embodiments, both the game disk 210 and 
the use permission tag 220 are included in the game package 
200. However, the game disk 210 and the use permission tag 
220 may be provided to the user with different timings. That 
is, it is only necessary that the user has the use permission tag 
220 when he/she uses the game disk 210. For example, even 
if a distribution source (seller) of a game provides the game 
disk 210 to the user beforehand, the start timing of game play 
can be controlled with the timing with which the use permis- 
sion tag 220 is supplied. 

[0090] A description is given of a seventh modification. In 
the above-described embodiments, the use permission tag 
220, which wirelessly communicates with the reproduction 
device 130, is exemplified as a device that carries out the use 
permit/reject decision processing. However, the device that 
carries out the use permit/reject decision processing is not 
limited to that mode. For example, the device carrying out the 
use permit/reject decision processing may be a universal 
serial bus (USB) dangle connected to the reproduction device 
130 via USB. 

[0091] A description is given of an eighth modification. In 
the above-described embodiments, an object on which its use 
permission or rejection is determined is exemplified by elec- 
tronic content stored in the recording medium. In the eighth 
modification, it is stressed that the technical idea underlying 
the present invention described in this patent specification is 
also applicable to various products sold under license such as 
peripheral devices, accessories and supplies of the informa- 
tion processing apparatus. 

[0092] A description is given of a ninth modification. In the 
above-described embodiments, the decision processing unit 
148 of the reproduction device 130 encrypts the permission 
information conveyed from the use permission tag 220, using 
its own secret key and then stores the encrypted permission 
information in the storage 120. In the ninth modification, the 
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decision processing unit 230 of the use permission tag 220 
may store its own secret key and a public key by associating 
the secret key and the public key with each other and may 
convey the permission information encrypted with the secret 
key, together with the public key, to the reproduction device 
130. The decision processing unit 148 of the reproduction 
device 130 may store the encryptedpermission information in 
the storage 120 and may decrypt the encrypted permission 
information with the public key of the use permission tag 220 
when the permission information needs to be referenced. This 
ninth modification achieves the same advantageous effects as 
those of the above-described embodiments, too. The same 
principle as in the ninth modification also applies to the tem- 
porary permission information, and the decision processing 
unit 230 of the use permission tag 220 may convey the tem- 
porary permission information, together with the public key, 
to the disk drive 110. Then the security management of the 
disk drive 110 may decrypt the encrypted temporary infor- 
mation using the public key of the use permission tag 220. 

[0093] In still another modification, the decision process- 
ing unit 230 of the use permission tag 220 may convey per- 
mission information, a digital signature where a message 
digest (e.g., a hash value) generated from the permission 
information is encrypted with its own secret key, and its own 
public key to the reproduction device 130. The decision pro- 
cessing unit 148 of the reproduction device 130 may verify 
the message digest obtained from a result in which the noti- 
fied digital signature has been decrypted with the public key 
of the use permission tag 220, against the message digest 
generated from the notified permission information. On the 
condition that both the message digests match with each 
other, it may be determined that the legitimate information 
has been notified, and the reproduction processing of the 
game AP may be continued. In this case, too, the decision 
processing unit 148 encrypts the legitimate information as 
appropriate and then stores the encrypted legitimate informa- 
tion in the storage 120. 

[0094] A description is given of a tenth modification. The 
function of the use permission tag 220 in the above-described 
embodiments may be achieved by the game disk 210 and the 
disk drive 110. More specifically, the security management 
unit 116 of the disk drive 110 may further provide the same 
function as that of the security management unit 226 of the 
use permission tag 220. Also, the game disk 210 may be 
further comprised of the same function as that of the use 
condition storage 222 of the use permission tag 220. For 
example, the security management unit 116 may store the 
legitimate use information table and the temporary use infor- 
mation table in a secure storage area where accessing from 
locations other than the security management unit 116 of the 
disk drive 110 is prohibited. In this case, the security man- 
agement unit 116 of the disk drive 110 receives the reproduc- 
tion request information from the security management unit 
144 of the reproduction device 130. Then the use permit/ 
reject decision processing is carried out by referencing and 
updating, as appropriate, the legitimate use information table 
and the temporary use information table of the game disk 210. 
Since the tenth modification eliminates the RFRW 132 in the 
reproduction device 130, the manufacturing cost and the 
retail price of the reproduction device 130 can be reduced. 
Also, the use permission tag 220 is eliminated in the game 
package 200, so that the retail price of the game package 200 
can be reduced. 



[0095] Optional combinations of the aforementioned 
embodiments and modifications may also be useful as addi- 
tional modes of the present invention. And it should be under- 
stood that new embodiments realized by such combinations 
and modifications thereof provide their own advantages. 
[0096] It should be understood by those skilled in the art 
that the functions to be performed by the constituent features 
cited in the claims can also be realized by the components 
shown in the embodiments and modifications thereof alone or 
in combination. 

What is claimed is: 

1. An electronic content processing system comprising: 

a use permission apparatus provided for use in a recording 
medium that stores electronic content for a user of the 
electronic content; 

a medium drive configured to read the electronic content 
from the recording medium; and 

a reproduction device configured to reproduce the elec- 
tronic content read by the medium drive, 

the medium drive having a security management unit con- 
figured to read from the recording medium an article ID 
that is an ID of the electronic content or the recording 
medium, 

the reproduction device having a security management unit 
configured to convey a reproduction entity ID, which is 
a reproduction device ID or a user ID, together with the 
article ID read by the medium drive to the use permis- 
sion apparatus when the electronic content is to be repro- 
duced, 

the use permission apparatus including: 

a use condition storage for storing a use condition that 
defines an attribute of an entity accessible to the elec- 
tronic content; and 
a determining unit for determining whether or not a 
combination of the article ID and the reproduction 
entity ID conveyed from the reproduction device ful- 
fills the use condition, 
wherein the security management unit of the reproduction 
device determines a reproduction mode of the electronic 
content based on a decision result as to whether or not 
the combination thereof fulfills the use condition. 

2. An electronic content processing system according to 
claim 1, wherein the use condition storage of the use permis- 
sion apparatus stores the article ID from the recording 
medium and a reproducible entity ID, which is an ID of a 
device or user having an authorization to reproduce the con- 
tent, and 

wherein the determining unit of the use permission appa- 
ratus determines whether or not the combination of the 
article ID and the reproduction entity ID conveyed from 
the reproduction device agrees with a combination of the 
article ID and the reproducible entity ID stored in the use 
condition storage. 

3. An electronic content processing system according to 
claim 1, wherein the electronic content is encrypted using a 
predetermined content key and stored in the recording 
medium, 

wherein the security management unit of the medium drive 
reads the content key from the recording medium, 

wherein, when the combination of the article ID and the 
reproduction entity ID fulfills the use condition, the 
determining unit of the use permission apparatus sup- 
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plies permission information indicating permission to 
reproduce the electronic content, to the reproduction 
device, and 

wherein, when the permission information is supplied 
from the use permission apparatus, the security manage- 
ment unit of the reproduction device acquires the content 
key from the medium drive and decrypts encrypted data 
of the electronic content. 

4. An electronic content processing system according to 
claim 3, wherein, when the electronic content is reproduced 
and when the permission information has already been 
acquired from the use permission apparatus, the security 
management unit of the reproduction device skips a process 
of making an inquiry to the use permission apparatus. 

5. An electronic content processing system according to 
claim 3, wherein the use condition storage of the use permis- 
sion apparatus further stores information indicating an avail- 
ability period of the electronic content, 

wherein, when the combination of the article ID and the 
reproduction entity ID fulfills the use condition and 
when the information is within the availability period, 
the determining unit of the use permission apparatus 
supplies the permission information. 

6. An electronic content processing system according to 
claim 3, wherein, when the reproducible entity ID, which is 
an ID of a device or user having an authorization to reproduce 
the content, has not been set as the use condition in the use 
condition storage, the determining unit of the use permission 
apparatus sets the reproduction entity ID, conveyed from the 
reproduction device, as a reproducible entity ID and supplies 
the permission information. 

7. An electronic content processing system according to 
claim 3, wherein, when the combination of the article ID and 
the reproduction entity ID does not fulfill the use condition, 
the determining unit of the use permission apparatus supplies, 
to the medium drive, temporary permission information indi- 
cating that the reproduction of the electronic content is tem- 
porarily permitted, on the condition that a predetermined time 
period or less has elapsed after an initial notification of the 
reproduction entity ID, and 

wherein, when the temporary permission information is 
supplied from of the use permission apparatus, the secu- 
rity management unit of the medium drive supplies the 
content key to the reproduction device. 

8. An electronic content processing system according to 
claim 7, wherein, when the combination of the article ID and 
the reproduction entity ID fulfilling the use condition is noti- 
fied after the temporary permission information has been 
supplied, the determining unit of the use permission appara- 
tus continues to supply the temporary permission information 
to the combination of the article ID and the reproduction 
entity ID not fulfilling the use condition, even after the pre- 
determined time period has elapsed. 

9. An electronic content processing system according to 
claim 7, wherein the determining unit of the use permission 
apparatus encrypts the temporary permission information 
using a session key that is a different value for each session 
communicated with the medium drive, and sends the 
encrypted data to the medium drive. 

10. An electronic content processing system according to 
claim 9, wherein the determining unit of the use permission 
apparatus acquires the same session key as that acquired by 
the medium drive, on the condition that the medium drive is a 
legitimate medium drive. 



11. An electronic content processing system according to 
claim 1, wherein the article ID contains data indicating 
whether or not the entity accessible to the electronic content 
needs to be restricted, and 

wherein, when the article ID indicates that the restriction is 
necessary, the security management unit of the repro- 
duction device conveys the article ID and the reproduc- 
tion entity ID to the use permission apparatus. 

12. An electronic content processing system according to 
claim 1, wherein the management unit of the reproduction 
device encrypts the article ID and the reproduction entity ID 
using a session key that is a different value for each session 
communicated with the use permission apparatus, and sends 
the encrypted data to the use permission apparatus. 

13. An electronic content processing system comprising: 
a use permission apparatus provided for use in a recording 

medium that stores electronic content for a user of the 
electronic content; and 
a reproduction device configured to reproduce the elec- 
tronic content stored in the recording medium, 
the reproduction device having a security management unit 
configured to convey a reproduction entity ID, which is 
a reproduction device ID or a user ID, when the elec- 
tronic content is to be reproduced, 
the use permission apparatus including: 

a use condition storage for storing a use condition that 
defines an attribute of an entity accessible to the elec- 
tronic content; and 
a determining unit for determining whether or not the 
reproduction ID conveyed from the reproduction 
device fulfills the use condition, 
wherein the security management unit of the reproduction 
device determines a reproduction mode of the electronic 
content based on a decision result as to whether or not 
the reproduction entity ID fulfills the use condition. 

14. An use permission apparatus provided for use in a 
recording medium that stores electronic content for a user of 
electronic content, the use permission apparatus comprising: 

a use condition storage configured to store a use condition 
that defines an attribute of an entity accessible to the 
electronic content; 

a receiving unit configured to receive a reproduction entity 
ID, which is a reproduction device ID or a user ID, from 
the reproduction device that reproduces the electronic 
content stored in the recording medium; 

a determining unit configured to determine whether or not 
the reproduction entity ID conveyed from the reproduc- 
tion device fulfills the use condition; and 

a conveying unit configured to convey a decision result, 
regarding whether or not the reproduction entity ID ful- 
fills the use condition, to the reproduction device. 

15. An electronic content processing method comprising: 
conveying a reproduction entity ID, which is a reproduc- 
tion device ID or a user ID, from a reproduction device, 
which is to reproduce electronic content stored in a 
recording medium, to a use permission apparatus pro- 
vided for use in the recording medium for a user of the 
electronic content; 

determining whether the reproduction entity ID conveyed 
from the reproduction device fulfills a use condition or 
not, wherein the determining is performed by the user 
permission apparatus that references a use condition that 
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defines an attribute of an entity accessible to the elec- 
tronic content stored in a predetermined storage area; 
and 

determining by the reproduction device a reproduction 
mode of the electronic content according to a decision 
result regarding whether or not the reproduction entity 
ID fulfills the use condition. 

16. A package of electronic content available in a commer- 
cial transaction, the package including and supplied with: 



a recording medium storing the electronic content; 

a use permission apparatus configured to store a use con- 
dition of the electronic content and configured to deter- 
mine whether or not the use condition is fulfilled, when 
an instruction is given to reproduce the electronic con- 
tent from an external reproduction device. 



